CVE-2025-2441

MEDIUM Year: 2025
CVSS v3 Score
4.6
Medium
Weakness Type
CWE-1188
View all →

Vulnerability Description

CWE-1188: Initialization of a Resource with an Insecure Default vulnerability exists that could lead to loss of confidentiality when a malicious user, having physical access, sets the radio in factory default mode where the product does not correctly initialize all data.

Related Vulnerabilities

CVE-2021-33130

MEDIUM
CVSS:4.6(Medium)

Insecure default variable initialization of Intel(R) RealSense(TM) ID Solution F450 before version 2.6.0.74 may allow an unauthenticated user to potentially enable information disclosure via physical ...

CWE-11882021

CVE-2020-12327

MEDIUM
CVSS:4.4(Medium)

Insecure default variable initialization in some Intel(R) Thunderbolt(TM) DCH drivers for Windows* before version 72 may allow a privileged user to potentially enable information disclosure via local ...

CWE-11882020

CVE-2024-44096

MEDIUM
CVSS:4.4(Medium)

there is a possible arbitrary read due to an insecure default value. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploit...

CWE-11882024

CVE-2020-11917

MEDIUM
CVSS:4.3(Medium)

An issue was discovered in Siime Eye 14.1.00000001.3.330.0.0.3.14. It uses a default SSID value, which makes it easier for remote attackers to discover the physical locations of many Siime Eye devices...

CWE-11882020

CVE-2024-30124

MEDIUM
CVSS:4.0(Medium)

HCL Sametime is impacted by insecure services in-use on the UIM client by default. An unused legacy REST service was enabled by default using the HTTP protocol. An attacker could potentially use this ...

CWE-11882024

CVE-2017-5491

MEDIUM
CVSS:5.3(Medium)

wp-mail.php in WordPress before 4.7.1 might allow remote attackers to bypass intended posting restrictions via a spoofed mail server with the mail.example.com name.

CWE-11882017